Problem adding member server


#1

Just made a clean UCS install as a PDC, i could connect one windows 7 computer. Now i wanted to make separate UCS server as a fileserver and as documentation suggest it is wise to make it as a “member server”. Installation goes fine until setup hangs on “Domain setup ( this might take a while) - Preparing Domain Join”. Is there a way I can see logfiles somewhere what causes this hangup? From the PDC i can see that the new computer has appeared on the Devices / Computers section


#2

Hey,

I’m not sure whether or not you can get more details from the installer, but you can also join the server to the domain after the installation has completed and the server has been rebooted. No need to remove the already-existing entry from the domain either, it’ll be re-used/overwritten.

For such a manual join you’ll have to log in as root and execute »univention-join«. That should print out a lot of lines of hook scripts the task is executing.

Additionally you can find information about the join process in the log file /var/log/univention/join.log.


#3

I guess I found the problem:

root@zeus:~# univention-join
univention-join: joins a computer to an ucs domain
copyright © 2001-2015 Univention GmbH, Germany

Enter DC Master Account : Administrator
Enter DC Master Password:

Search DC Master: done
Check DC Master: done
Stop LDAP Server: done
Search ldap/base done
Start LDAP Server: done
Search LDAP binddn done
Sync time: done
Join Computer Account: done
Sync ldap.secret: done
Sync ldap-backup.secret: done
Sync SSL directory: done
Check TLS connection: done
Download host certificate: …


#4

Can you please post the content of the join.log?


#5

Well, i can not do that because I allready destroyed the vm -s. But I have a pretty good guess where the problem is. I reinstalled all servers and test workstation and the second time joining the domain worked:

Enter DC Master Account : Administrator
Enter DC Master Password:

Search DC Master: done
Check DC Master: done
Stop LDAP Server: done
Search ldap/base done
Start LDAP Server: done
Search LDAP binddn done
Sync time: done
Join Computer Account: done
Sync ldap.secret: done
Sync ldap-backup.secret: done
Sync SSL directory: done
Check TLS connection: done
Download host certificate: done
Sync SSL settings: done
Restart LDAP Server: done

i guess the problem was that I changed / regenerated the root certificate last time